<? 
require 'inc_security.php';
$ctl_id = getValue('ctl_id','int','GET',0);
if($ctl_id > 0){
   $file_name = db_one("SELECT ctl_filename FROM catalog WHERE ctl_id =".$ctl_id);

$path = $_SERVER['DOCUMENT_ROOT']."/file/catalog/"; // change the path to fit your websites document structure
$fullPath = $path.$file_name;
if(file_exists($fullPath)){
   if ($fd = fopen ($fullPath, "r")) {
       $fsize = filesize($fullPath);
       $path_parts = pathinfo($fullPath);
       $ext = strtolower($path_parts["extension"]);
       switch ($ext) {
           case "pdf":
           header("Content-type: application/pdf"); // add here more headers for diff. extensions
           header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\""); // use 'attachment' to force a download
           break;
           default;
           header("Content-type: application/octet-stream");
           header("Content-Disposition: filename=\"".$path_parts["basename"]."\"");
       }
       header("Content-length: $fsize");
       header("Cache-control: private"); //use this to open files directly
       while(!feof($fd)) {
           $buffer = fread($fd, 2048);
           echo $buffer;
       }
       fclose ($fd);
   }
}
else echo "file không tồn tại !";
exit;
}
?>